An RSA survey of 6,000 US and EU adults found that only a minority (48%) believes there is any ethical way to use personal data (that figure rises to 60% when considering US respondents alone); 57% believe that data-breaches are the fault of companies for gathering and retaining data, not the hackers who release it; only 17% believe that ad customization is moral; and only 24% believe that newsfeed customization is moral. Read the rest “Vast majority of Americans and Europeans believe ad-targeting and feed customization are immoral”

Metrolinx, the provincial agency that supplies the Presto cards used to pay for public transit rides in Toronto, has continued to hand over riders' travel history to Toronto-area cops without asking for a warrant. Read the rest “Toronto cops can frequently get your public transit history without a warrant”

When Motherboard broke the story of a thriving underground in bounty-hunters and other unsavory sorts buying realtime location data from America's cellular carriers, many were outraged that the carriers had not lived up to their year-old promises to fix that massive hole in our location data. Read the rest “Data-broker implicated in bounty-hunters' access to mobile location data lobbied FCC to fight consent for sharing location data”

Motherboard's blockbuster story about mobile carriers selling your realtime location data into a marketplace where bounty hunters and other villains can buy it for just a few dollars has triggered an urgent, national conversation about the fact that, in the year since the first stories about this emerged, the carriers have not only failed to live up to their promises to put a stop to it, but seem to have made it even worse. Read the rest “Trump's FCC chairman won't do anything about your cellular company selling your location to bountyhunters because shutdown”

In the wake of this week's Motherboard scoop that the major US carriers sell customers' location data to marketing companies that sell it on to bounty hunters and other unsavory characters, Google has disclosed that they have told the carriers that supply service for its Google Fi mobile virtual network operator (MVNO) that they expect that Fi customers' data will not be sold this way. Read the rest “Google Fi to carriers: don't sell our customers' location data to third parties”

There have been several attempts to force the US telcoms industry to respect our privacy: to stop our ISPs from spying on us and selling our usage data to marketers, to stop the mobile carriers from spying on our location and selling the data to marketers (and, it turns out, stalkers and bounty hunters), and every attempt has fizzled, as telcoms lobbyists and telcoms-funded lawmakers have sold us out, saying that the privacy rules are unnecessary because the carriers wouldn't do anything too sketchy lest they suffer reputational damage. Read the rest “Why the hell do we continue to believe the carriers' promises to respect our privacy?”

If you want to follow someone in realtime, you don't need to shell out to shady data-brokers like Securus (which use a marketing company that exploits a privacy law loophole to obtain phone location data); there are a whole constellation of location data resellers who will do business with anyone, regardless of the notional privacy protections they promise the carriers they'll put in place. Read the rest “Bounty hunters track targets by buying realtime location data generated by T-Mobile, Sprint, and AT&T”

An investigation by the New York Times into the shadowy world of location-data brokerages found a whole menagerie of companies from IBM, Foursquare and the Weather Channel to obscure players like Groundtruth, Fysical and Safegraph, who pay app vendors to include their tracking code in common apps. Read the rest “Surveillance libraries in common smartphone apps have amassed dossiers on the minute-to-minute movements of 200 million+ Americans”

The year is 2031, and I'm going to see Avengers 7 in 8K-vision. I hop in my Goober self-driving car and notice something strange – my location is displayed on the Goober Dashboard, even though I opted out of Google AlwaysTrack™! There's a complete disconnect between what the user interface is telling me and what actually happens without my knowledge or consent.

As of July 1, registering a car in China will involve registering an RFID radio-beacon that will be planted on the car in order to track its movements. Read the rest “China mandates radio-tracking beacons in all cars”

Late last year, a pair of economists released an interesting paper that used mobile location data to estimate the likelihood that political polarization had shortened family Thanksgiving dinners in 2016. Read the rest “The most interesting thing about the "Thanksgiving Effect" study is what it tells us about the limits of data anonymization”

Philadelphia's WHYY radio reports that visitors to the city's hospital emergency room are blitzed for weeks with ads for personal injury lawyers, thanks to "geofenced ad" brokerages. Read the rest “Ad brokers are selling the fact that you visited an emergency room to ambulance-chasing lawyers”

A new California pilot program will let drivers replace their metal license plates with e-ink versions that will eliminate the need to use stickers to prove that you've renewed your tags, allow you to display arbitrary vanity messages when the car is stationary (the license plate number shrinks down and displays in a corner under these circumstances, allowing meter-maids to still ticket you), and to remote switch your plate display to STOLEN if your car is ripped off. Read the rest “California proposes location-tracking, e-ink license plates that display "STOLEN" if a car is boosted”

Securus is the widely abused location-tracking tool that exploits a loophole in privacy law to allow police to extract realtime and historical cellphone location data without a warrant or any accountability. Read the rest “The secret, unaccountable location-tracking tool favored by dirty cops has been hacked (and it wasn’t hard)”

Public records requests have revealed that on at least four occasions, the Raleigh-Durham police obtained warrants forcing Google to reveal the identities of every mobile user within acres of a crime scene, sweeping up the personal information of thousands of people in a quest to locate a single perp. Read the rest “Raleigh cops are investigating crime by getting Google to reveal the identity of every mobile user within acres of the scene”

Five years after activists forced Seattle's mayor to return the city's surveillance drones to their manufacturer, the city has announced that it is terminating its warrantless mass-surveillance program altogether. Read the rest “Seattle spends five years failing to come up with a privacy policy for its $3.6m surveillance network, then spends $150k ripping it out”

The ACLU of Northern California recently published a leaked email showing that Dataminr -- a Twitter-monitoring company partially owned by Twitter itself -- was selling access to US domestic surveillance "fusion centers" where local, state and federal agencies pool resources to spy on their targets. Read the rest “After ACLU investigation, Twitter blocks US surveillance "fusion centers" from monitoring tool”